From owner-p4-projects@FreeBSD.ORG Tue Feb 21 18:16:31 2006 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 0CDFA16A423; Tue, 21 Feb 2006 18:16:31 +0000 (GMT) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C5A2916A420 for ; Tue, 21 Feb 2006 18:16:30 +0000 (GMT) (envelope-from csjp@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4713D43D49 for ; Tue, 21 Feb 2006 18:16:30 +0000 (GMT) (envelope-from csjp@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id k1LIGUCA056423 for ; Tue, 21 Feb 2006 18:16:30 GMT (envelope-from csjp@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id k1LIGT30056420 for perforce@freebsd.org; Tue, 21 Feb 2006 18:16:29 GMT (envelope-from csjp@freebsd.org) Date: Tue, 21 Feb 2006 18:16:29 GMT Message-Id: <200602211816.k1LIGT30056420@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to csjp@freebsd.org using -f From: "Christian S.J. Peron" To: Perforce Change Reviews Cc: Subject: PERFORCE change 92132 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Feb 2006 18:16:32 -0000 http://perforce.freebsd.org/chv.cgi?CH=92132 Change 92132 by csjp@csjp_xor on 2006/02/21 18:15:32 Keep audit error syslog messages using a consistent format, prefix all error messages with "audit", remove redundant data which will show up in the syslog messages. Affected files ... .. //depot/projects/trustedbsd/audit3/usr.bin/login/login_audit.c#15 edit Differences ... ==== //depot/projects/trustedbsd/audit3/usr.bin/login/login_audit.c#15 (text+ko) ==== @@ -74,7 +74,7 @@ if (errno == ENOSYS) return; syslog(LOG_AUTH | LOG_ERR, - "Could not determine audit condition: %s", + "audit: could not determine audit condition: %s", strerror(errno)); errx(1, "Permission denied"); } @@ -84,7 +84,7 @@ /* Compute and set the user's preselection mask. */ if (au_user_mask(pwd->pw_name, &aumask) == -1) { syslog(LOG_AUTH | LOG_ERR, - "Could not set audit mask: %s", strerror(errno)); + "audit: could not set audit mask: %s", strerror(errno)); errx(1, "Permission denied"); } @@ -94,40 +94,41 @@ bcopy(&tid, &auinfo.ai_termid, sizeof(auinfo.ai_termid)); bcopy(&aumask, &auinfo.ai_mask, sizeof(auinfo.ai_mask)); if (setaudit(&auinfo) != 0) { - syslog(LOG_AUTH | LOG_ERR, "setaudit failed: %s", + syslog(LOG_AUTH | LOG_ERR, "audit: setaudit failed: %s", strerror(errno)); errx(1, "Permission denied"); } if ((aufd = au_open()) == -1) { - syslog(LOG_AUTH | LOG_ERR, "au_open failed: %s", + syslog(LOG_AUTH | LOG_ERR, "audit: au_open failed: %s", strerror(errno)); errx(1,"Permission denied"); } if ((tok = au_to_subject32(uid, geteuid(), getegid(), uid, gid, pid, pid, &tid)) == NULL) { - syslog(LOG_AUTH | LOG_ERR, "au_to_subject32 failed"); + syslog(LOG_AUTH | LOG_ERR, "audit: au_to_subject32 failed"); errx(1, "Permission denied"); } if (au_write(aufd, tok) < 0) { - syslog(LOG_AUTH | LOG_ERR, "au_write faied: %s", + syslog(LOG_AUTH | LOG_ERR, "audit: au_write faied: %s", strerror(errno)); errx(1, "Permission denied"); } if ((tok = au_to_return32(0, 0)) == NULL) { - syslog(LOG_AUTH | LOG_ERR, "au_to_return32 failed"); + syslog(LOG_AUTH | LOG_ERR, "audit: au_to_return32 failed"); errx(1, "Permission denied"); } if (au_write(aufd, tok) < 0) { - syslog(LOG_AUTH | LOG_ERR, "au_write faied: %s", + syslog(LOG_AUTH | LOG_ERR, "audit: au_write faied: %s", strerror(errno)); errx(1, "Permission denied"); } if (au_close(aufd, 1, AUE_login) == -1) { - syslog(LOG_AUTH | LOG_ERR, "audit record not committed"); + syslog(LOG_AUTH | LOG_ERR, + "audit: audit record not committed"); errx(1, "Permission denied"); } } @@ -151,7 +152,7 @@ if (errno == ENOSYS) return; syslog(LOG_AUTH | LOG_ERR, - "could not determine audit condition: %s", + "audit: could not determine audit condition: %s", strerror(errno)); errx(1, "Permission denied"); } @@ -159,7 +160,7 @@ return; if ((aufd = au_open()) == -1) { - syslog(LOG_AUTH | LOG_ERR, "au_open failed: %s", + syslog(LOG_AUTH | LOG_ERR, "audit: au_open failed: %s", strerror(errno)); errx(1, "Permission denied"); } @@ -171,7 +172,8 @@ */ if ((tok = au_to_subject32(-1, geteuid(), getegid(), -1, -1, pid, -1, &tid)) == NULL) { - syslog(LOG_AUTH | LOG_ERR, "au_to_subject32 failed"); + syslog(LOG_AUTH | LOG_ERR, + "audit: au_to_subject32 failed"); errx(1, "Permission denied"); } } else { @@ -180,41 +182,42 @@ gid = pwd->pw_gid; if ((tok = au_to_subject32(uid, geteuid(), getegid(), uid, gid, pid, pid, &tid)) == NULL) { - syslog(LOG_AUTH | LOG_ERR, "au_to_subject32 failed"); + syslog(LOG_AUTH | LOG_ERR, + "audit: au_to_subject32 failed"); errx(1, "Permission denied"); } } if (au_write(aufd, tok) < 0) { - syslog(LOG_AUTH | LOG_ERR, "au_write faied: %s", + syslog(LOG_AUTH | LOG_ERR, "audit: au_write faied: %s", strerror(errno)); errx(1, "Permission denied"); } /* Include the error message. */ if ((tok = au_to_text(errmsg)) == NULL) { - syslog(LOG_AUTH | LOG_ERR, "au_to_text failed"); + syslog(LOG_AUTH | LOG_ERR, "audit: au_to_text failed"); errx(1, "Permission denied"); } if (au_write(aufd, tok) < 0) { - syslog(LOG_AUTH | LOG_ERR, "au_write faied: %s", + syslog(LOG_AUTH | LOG_ERR, "audit: au_write faied: %s", strerror(errno)); errx(1, "Permission denied"); } if ((tok = au_to_return32(1, errno)) == NULL) { syslog(LOG_AUTH | LOG_ERR, - "login: Audit Error: au_to_return32() failed"); + "audit: au_to_return32() failed"); errx(1, "Permission denied"); } if (au_write(aufd, tok) < 0) { - syslog(LOG_AUTH | LOG_ERR, "au_write faied: %s", + syslog(LOG_AUTH | LOG_ERR, "audit: au_write faied: %s", strerror(errno)); errx(1, "Permission denied"); } if (au_close(aufd, 1, AUE_login) == -1) { syslog(LOG_AUTH | LOG_ERR, - "login: Audit Error: au_close() was not committed"); + "audit: au_close() was not committed"); errx(1, "Permission denied"); } } @@ -240,7 +243,7 @@ if (errno == ENOSYS) return; syslog(LOG_AUTH | LOG_ERR, - "login: Could not determine audit condition: %s", + "audit: could not determine audit condition: %s", strerror(errno)); errx(1, "Permission denied"); } @@ -248,37 +251,34 @@ return; if ((aufd = au_open()) == -1) { - syslog(LOG_AUTH | LOG_ERR, - "login: Audit Error: au_open() failed"); + syslog(LOG_AUTH | LOG_ERR, "audit: au_open() failed"); errx(1, "Permission denied"); } /* The subject that is created (euid, egid of the current process). */ if ((tok = au_to_subject32(uid, geteuid(), getegid(), uid, gid, pid, pid, &tid)) == NULL) { - syslog(LOG_AUTH | LOG_ERR, - "login: Audit Error: au_to_subject32() failed"); + syslog(LOG_AUTH | LOG_ERR, "audit: au_to_subject32() failed"); errx(1, "Permission denied"); } if (au_write(aufd, tok) < 0) { - syslog(LOG_AUTH | LOG_ERR, "au_write faied: %s", + syslog(LOG_AUTH | LOG_ERR, "audit: au_write faied: %s", strerror(errno)); errx(1, "Permission denied"); } if ((tok = au_to_return32(0, 0)) == NULL) { - syslog(LOG_AUTH | LOG_ERR, - "login: Audit Error: au_to_return32() failed"); + syslog(LOG_AUTH | LOG_ERR, "audit: au_to_return32() failed"); errx(1, "Permission denied"); } if (au_write(aufd, tok) < 0) { - syslog(LOG_AUTH | LOG_ERR, "au_write faied: %s", + syslog(LOG_AUTH | LOG_ERR, "audit: au_write faied: %s", strerror(errno)); errx(1, "Permission denied"); } if (au_close(aufd, 1, AUE_logout) == -1) { - syslog(LOG_AUTH | LOG_ERR, "Audit Record was not committed."); + syslog(LOG_AUTH | LOG_ERR, "audit: record was not committed."); errx(1, "Permission denied"); } }